Report - gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a

Report Overview

Submitted URL
gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
IP
163.171.128.172
ASN
#54994 QUANTILNETWORKS
Submitted
2022-11-30 23:52:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	22 kB	142.250.74.35
ajax.aspnetcdn.com	693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	13 kB	152.199.19.160
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	5.3 kB	142.250.74.106
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	32 kB	142.250.74.42
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	21 kB	142.250.74.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	39 kB	34.120.237.76
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	44 kB	142.250.74.168
bbrcomp.joinsafelyonline.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	546 B	926 B	163.171.128.172
cdn.mouseflow.com	6644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	18 kB	151.139.128.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.166.172.24
gamesparody.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	3.8 MB	163.171.128.172
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	3.8 kB	104.18.21.226
rfrgrtr.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	91 kB	207.120.33.34
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	1.6 kB	162.247.241.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	rfrgrtr.com/user/trk/?rtid=01150675717	Phishing
2022-11-30	medium	rfrgrtr.com/common_tpls/js/iframeResizer.contentWindow.min.js	Phishing
2022-11-30	medium	rfrgrtr.com/common_tpls/js/validate_form_v2.js?jsv=29	Phishing
2022-11-30	medium	rfrgrtr.com/common_tpls/js/form_support.js?v=1516308712	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	gamesparody.com/_bot_sbu/sbu_fpcm.js	59 kB	2023-03-11	2023-03-14
Pretty URL gamesparody.com/_bot_sbu/sbu_fpcm.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:23:21 Last Seen2023-03-14 09:22:39 Times Seen1 Hash e14507964703955ea7c1831e04480971 ba44dec8dce7a2022a9049364fea83cadcc4315d 723eaaaee940cfa79b19a1364bf573de2f7a0efec1a5728578087453a48deedd Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	59 B	2023-03-11	2023-03-11
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-11 23:14:26 Times Seen1 Hash a39db94d4490be603cd8c48c19bbf026 f512afef0c1163cde47465abf01d08175eb7a344 785b9d386234fea4a810270f339ee7fe36757ebd11fffaa5fb07385889dd6d8c Loading...

	cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js	62 kB	2023-03-11	2023-03-11
Pretty URL cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 3b72a50eadb65b783297be559e0661dd 914927f3253777d66659eff0455072c9a27dc07f 1c3ec6a5a1bf6d0b02d0b02a79c127754dc44b448087a67d1754cf10cc8ab386 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-25 02:03:00 Times Seen95470 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RUDFtVTVgPAlwZGBMMEw%3D%3D&rst=4672&ck=1&ref=https://gamesparody.com/tools/landers/st/007hld/&ap=15&be=2209&fe=4611&dc=3025&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852341936,%22n%22:0,%22f%22:1670,%22dn%22:1673,%22dne%22:1674,%22c%22:1675,%22s%22:1704,%22ce%22:2152,%22rq%22:2153,%22rp%22:2181,%22rpe%22:2185,%22dl%22:2187,%22di%22:3006,%22ds%22:3025,%22de%22:3037,%22dc%22:4609,%22l%22:4610,%22le%22:4611%7D,%22navigation%22:%7B%7D%7D&fcp=3008&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RUDFtVTVgPAlwZGBMMEw%3D%3D&rst=4672&ck=1&ref=https://gamesparody.com/tools/landers/st/007hld/&ap=15&be=2209&fe=4611&dc=3025&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852341936,%22n%22:0,%22f%22:1670,%22dn%22:1673,%22dne%22:1674,%22c%22:1675,%22s%22:1704,%22ce%22:2152,%22rq%22:2153,%22rp%22:2181,%22rpe%22:2185,%22dl%22:2187,%22di%22:3006,%22ds%22:3025,%22de%22:3037,%22dc%22:4609,%22l%22:4610,%22le%22:4611%7D,%22navigation%22:%7B%7D%7D&fcp=3008&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	31 kB	2023-03-07	2023-03-17
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-03-17 12:47:27 Times Seen1 Hash 0d87c9ac63664e90bcdcf1df76813118 4922933dfd297349786a49b93ade8565bc3040bc 692f48e66ad8fd2dec40dc04445caa0f052e1cfc39da5802ae2e0f36b36eca6e Loading...

	gamesparody.com/common/js/iframeResizer/iframeResizer.min.js	12 kB	2023-03-07	2024-03-24
Pretty URL gamesparody.com/common/js/iframeResizer/iframeResizer.min.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2024-03-24 13:25:54 Times Seen102 Hash f6fb142b95a0163be52282ef8b1f4b9a 271ffc93a6b6ef177b6418b6c0d1fb28624e9fb5 35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33 Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	271 B	2023-03-11	2023-03-11
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 39d4938a689eb2b8e053d85aa99b29d9 191aa74369404fadad6f0b4753d3c1d4989b11cf b095c11cbc63e123bc9abcccd258de2cc555040f2fa0b1028050e3de57563217 Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	325 B	2023-03-11	2023-03-11
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 3bab5c999ff339d979e06d61ba8f93ca c9e31fc6dc6457e5a11df958bcb3f6d180d85dce f96f09e27616c32d983b5d02aa3ea89b902f67360fc233d64ec61298d7802409 Loading...

	rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717	44 B	2023-03-07	2023-04-05
Pretty URL rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717 IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-04-05 01:56:56 Times Seen13 Hash ab82587f78d95dff9b9823f621ecc33e 0f0fe112ce900bb454b1380564363c1a8c073db4 61733e01ae1056d3484f1e01b0a0962b73dd904675d52bd99b37fc955a2ca51f Loading...

	ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js	36 kB	2023-03-07	2024-04-25
Pretty URL ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-25 00:01:13 Times Seen2994 Hash 046ba2b5f4cff7d2eaaa1af55caa9fd8 b3f2ef9f985e7906c9360756b73cd64bf7733647 c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892 Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	1.7 kB	2023-03-07	2023-12-10
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-12-10 04:20:36 Times Seen4 Hash 78a3ac63c67d8cafa57db3facb4ee133 deba56ced8ff4d76601a12005a1053f621178753 8c8fb107ce9ac65638ec18aaec0488bc330ffb8e0960860bd9632638f44c195d Loading...

	gamesparody.com/tools/landers/st/007hld/js/ion.sound.min.js	13 kB	2023-03-07	2024-03-20
Pretty URL gamesparody.com/tools/landers/st/007hld/js/ion.sound.min.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:11 Last Seen2024-03-20 19:22:13 Times Seen127 Hash b710025e9615bd7373ec7cd49e21a99f 4f831a37b333a2f39b6cf4d8d43b7f07ba8db4f8 1520e67c06c2b44c67aec9833b5f1c5324c2cc8842d82f7cc3509adc34c95a0a Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	264 B	2023-03-07	2024-01-28
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-28 20:20:17 Times Seen62 Hash 50b8d257c149e4c89eb8fcd42cbb90bd ec36a40fb37b6fcca17ac892e3b274ecff9c5164 04b5d8be7fc682489a5060b6832c7a14ebe5480a284f3f9d55f0a0407aeff7b0 Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	154 B	2023-03-07	2024-01-03
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen27 Hash 7ca4548110bd2c05da7e5222ccfbb504 0649d1bcc1e6f3cd57af1273b2a511dc9b4f415f ac2642ddd2f2bd3248dcbcaeaadbe6a4e74fa2d8b5bc88e7dfb9d3b1e341a748 Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	294 B	2023-03-11	2023-03-11
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 305a33aebb806ec721f5fb3e084df73a fbfab28f04132bf50a6c1dfa7ea15e511c8b7fb6 80b73ba5092a9f45bb5c704537a42d7187cb31a67ccea0c10d19a6e72fff6914 Loading...

	gamesparody.com/tools/landers/st/007hld/js/scripts.js	2.9 kB	2023-03-11	2023-03-11
Pretty URL gamesparody.com/tools/landers/st/007hld/js/scripts.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 83d7ea0cd7bfa1e9e421e27261d76df2 ce64137a2aae2de6e980506630f2aa0d0739a2e1 d97dfb59526bd9726beb99f7dfbec5630021a25931d0e96103477eec44793e0a Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	322 B	2023-03-07	2023-03-29
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-03-29 23:50:51 Times Seen2 Hash 840f7ddaeac3017f0b2e9c4faf8f698f 45f3563c416a7c39fc743fa467d42be7e5764f1e 36122aeea4a351ad513f1ccadcba768d9f829a3bb0e727d7cba3f7298476379a Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	21 B	2023-03-07	2024-01-03
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen25 Hash cd52ca5e71888911665cef8fb5ca012a a9de6870672c8a54368632cd2729d4641d3839fd c1c8cc166507fc9682618879b36ca4ef73686a85f08e518de98b5797e460503d Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	127 B	2023-03-07	2024-01-28
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-28 20:20:17 Times Seen45 Hash f92940178528cff899349c6b3bc8f6b5 71946185435cc4ee489eed6d3b8cb89c9e482857 1c176f72b1e82fdcc2b59f3161850788a57e77e4e9df64f1147a6d8a5228552b Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	54 B	2023-03-07	2023-12-10
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:08 Last Seen2023-12-10 04:20:36 Times Seen4 Hash 669931427a7b37799cb6cd14c77adf74 6c369869bbb5dc43f9736884aa0d6aeaed025d69 5b9fe0f25cd37cd20001eee762424e237107d81ef23fa68f7838882be4da004f Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	62 B	2023-03-11	2023-03-11
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash b4a748d3000242b248565262e7146478 1aa4d33d59fa0c9873819afe731d0aab9bfb1677 622db8fa1a750f2c59bb0545e6394ff412b3378957fe908dc358d85fea0710e3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9	96 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 0f40317f846f37fe42ee8349fae744a1 537d3a36da6cae05fc4a88667218fc7747cd476d c69dc13fec0a60008248a4d4f0594f49105a08e0e1d476a509b3cd765ef466e4 Loading...

	gamesparody.com/_ws_sbu/sbu_hc.js	33 kB	2023-03-11	2023-03-11
Pretty URL gamesparody.com/_ws_sbu/sbu_hc.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 1fb719cd7dd6accebcbcb873d1633e0e 918e9305785825eaf85f0bcd178f419d42e87a70 900b2842a4637e4bbe2b4b20748f963a4553389d2374fb1e7e667e54ca1641c6 Loading...

	gamesparody.com/tools/landers/st/007hld/js/jquery.js	93 kB	2023-03-07	2024-04-24
Pretty URL gamesparody.com/tools/landers/st/007hld/js/jquery.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 17:20:51 Times Seen1017 Hash 3a728460147fb9af7faf0e587b9fbf42 f3a55f44fb81cf8ee908a3872841f70d6548f8c1 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31 Loading...

	gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f	289 B	2023-03-11	2023-03-11
Pretty URL gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-11 23:14:26 Times Seen1 Hash 7db098f7a51b72c3000124471792e692 ed027317b903b5c32fe0abe83d001027d2961955 887873dd41b9bdaaedbe9c9e4ed07ad2f1cf03bf7b8303a7cc067105cdeb7546 Loading...

	rfrgrtr.com/common_tpls/js/validate_form_v2.js?jsv=29	25 kB	2023-03-08	2023-03-12
Pretty URL rfrgrtr.com/common_tpls/js/validate_form_v2.js?jsv=29 IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:49 Last Seen2023-03-12 14:53:22 Times Seen1 Hash 3c08eb2dc8ebcaf8d56a7e616a5c50c9 0b17e9364b41e4d25d0cac17f472f960a5cc82ed 9f1dd7e6654df9384fa10dc39fbadb13e844319400af27c73652362bfbed1e35 Loading...

	rfrgrtr.com/common_tpls/js/iframeResizer.contentWindow.min.js	13 kB	2023-03-07	2024-04-24
Pretty URL rfrgrtr.com/common_tpls/js/iframeResizer.contentWindow.min.js IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-24 21:03:17 Times Seen369 Hash 2cf9df789476bc39b9906030f639660d de708b4a0fe32f3d77505675eb119b671327a6b4 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	166 B	2023-03-07	2024-02-03
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-02-03 22:04:12 Times Seen152 Hash 30fbeedd3ef42ed4b3c0cedc516b2f71 dff25b928dad51d1d769285bf2a302d2be531927 1a9018c8172241d8aade74fd982307b0171e6b21ce2b4a470342852d92a99ed0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-208173773-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-208173773-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:14:26 Last Seen2023-03-11 23:14:26 Times Seen1 Hash d3918c3e61509b10cf3d8247e91a4893 9aeb57ec611201a24a841284a3ce21f50e36eddc 5775f8c898ecbab6894f3f03e1a2631914c903d8cf25ebac54fd9d28888392a4 Loading...

	rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb	341 B	2023-03-07	2024-01-03
Pretty URL rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-01-03 22:08:36 Times Seen27 Hash b8efe6a55af9822df37e3a215856c4ce 7a3cb9da219880386319fbb0a0f0c7e9dcdc9fbf 92a59ecee117a08d199a1443de12eded994ab404d4f982470756e39fb38c52ee Loading...

	js-agent.newrelic.com/nr-spa-1216.min.js	50 kB	2023-03-07	2024-03-22
Pretty URL js-agent.newrelic.com/nr-spa-1216.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:43 Times Seen568 Hash 63e2df852d15ab21d7ff8fc4363222e8 7ee401ba652db0a4ec960350e17216cda01e22fb 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Loading...

	gamesparody.com/_bot_sbu/sbu_fpc.js	136 kB	2023-03-11	2023-03-14
Pretty URL gamesparody.com/_bot_sbu/sbu_fpc.js IP 163.171.128.172 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:48 Last Seen2023-03-14 09:22:39 Times Seen1 Hash 4e374b5c16360e38ce538cd93bff0344 5d4c856aa3b1f81a1c4d7016655d4d92012b5d4f 7a19a6d3b4bf8f51c20c9924a6c4a8efab3c8343f63b4929bbda2481c006532d Loading...

	rfrgrtr.com/common_tpls/js/form_support.js?v=1516308712	3.8 kB	2023-03-08	2024-02-03
Pretty URL rfrgrtr.com/common_tpls/js/form_support.js?v=1516308712 IP 207.120.33.34 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:49 Last Seen2024-02-03 22:04:12 Times Seen165 Hash 4ffa5d12f2aa2394aa284438d9ab1658 66a6678dc24eae37e35b8ee571e78f6e8af796da a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7180
Expires: Thu, 01 Dec 2022 01:52:03 GMT
Date: Wed, 30 Nov 2022 23:52:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:23 GMT
Last-Modified: Wed, 30 Nov 2022 22:41:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7843
Expires: Thu, 01 Dec 2022 02:03:06 GMT
Date: Wed, 30 Nov 2022 23:52:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 23:19:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1959
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FSMXc6MWjM88zTDbkgvKJzxcYXCxDXXmQDH22cbyAz7xPF37Xr2GTxBQ168+4YJPzn01RDJPxqE=
x-amz-request-id: DMXZ24YEJMAGDAK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 23:45:26 GMT
age: 417
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:52:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 23:11:15 GMT
cache-control: public,max-age=3600
age: 2469
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:24 GMT
Last-Modified: Wed, 30 Nov 2022 22:42:00 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.166.172.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.166.172.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U++7eUk2/4TnsxnfZuo2Ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tI2ku0juwFcDKRnd6wmOLi462ew=

gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f

163.171.128.172

301 Moved Permanently

178 B

URL HTTP/1.1
gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 23:52:24 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: waf/4.32.3-0.el6
Location: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
X-Via: 1.1 PS-SJC-011UH181:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:8 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6387ecb8_PSdgflkfFRA1je97_16722-40528
Set-Cookie: HMF_CI=5b6cfa209b2e9fc3d03737ac1070f4a081c37096e4bfe7a478435f3731c8d56650aff83e9a8c6c750d761efe8809336b609680557c88da5fd1be2e5af671927a98; Expires=Fri, 30-Dec-22 23:52:24 GMT; Path=/

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
04b898ced1f6599ade45d4af3981572b
40a8054a906d124b378cdaceec86d914a15e2d35
6f05166339d95493458b95c2b71fdfb480257d19aca3d1fa068ce7d9f7a4d0be

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:52:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 23:52:24 GMT
ETag: "40a8054a906d124b378cdaceec86d914a15e2d35"
Last-Modified: Wed, 30 Nov 2022 23:52:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77277f241b7bb50c-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gamesparody.com/tools/landers/st/007hld/images/ratings.gif

163.171.128.172

200 OK

1.4 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/images/ratings.gif
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 60 x 89\012- data
Size
1.4 kB (1398 bytes)
Hash
38e0ca67cfb62d1986c8dcc8cff4a741
c5fa4c6d7c3b8190681ed3497b68e93a22ba03b9
82f290e619b3fd9798242068487c2473b2359a7d34c9b9bbf2403656f5b7202b

HTTP Headers

GET /tools/landers/st/007hld/images/ratings.gif HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: image/gif
content-length: 1398
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-576"
accept-ranges: bytes
age: 1
x-via: 1.1 PS-SJC-011UH181:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:7 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:9 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65147
X-Firefox-Spdy: h2

gamesparody.com/_ws_sbu/sbu_hc.js

163.171.128.172

200 OK

34 kB

URL HTTP/2
gamesparody.com/_ws_sbu/sbu_hc.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
data
Size
34 kB (33721 bytes)
Hash
6a0bb7a81b9b69d731c90b34e0466096
9f644b0bf76066bb2b2669880789261897e60786
2c264e5599e3a22a6b0d604b8bed06f7676de0f5536afb4afd7ae432c7c328f3

HTTP Headers

GET /_ws_sbu/sbu_hc.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: text/javascript
cache-control: no-store
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Thu, 01 Dec 2022 00:38:22 GMT
Date: Wed, 30 Nov 2022 23:52:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Thu, 01 Dec 2022 00:38:22 GMT
Date: Wed, 30 Nov 2022 23:52:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Thu, 01 Dec 2022 00:38:22 GMT
Date: Wed, 30 Nov 2022 23:52:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Thu, 01 Dec 2022 00:38:22 GMT
Date: Wed, 30 Nov 2022 23:52:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Thu, 01 Dec 2022 00:38:22 GMT
Date: Wed, 30 Nov 2022 23:52:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5295 bytes)
Hash
eb4b8985f697c1ff7753d3961fb4f67d
b412d62d44993500b947a38e8e242d0c6d6b7588
571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 5707
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Bangers

142.250.74.106

200 OK

4.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Bangers
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
4.6 kB (4582 bytes)
Hash
cc7624eb7ccc78d8a2584ac0f97cfdaf
477d3f8084cad5ad1ac4e8455ad0c62eb4e06b2b
8e961adb05294fb8f7f7c83e4c5fdd87bc25e8612f54754963e2a66a4fa38c36

HTTP Headers

GET /css?family=Bangers HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:52:25 GMT
date: Wed, 30 Nov 2022 23:52:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 06:20:48 GMT
age: 63097
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.2 kB (2150 bytes)
Hash
995eb3df7ec5507e3392fdb1ca6395b4
9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2150
x-amzn-requestid: b8ce8dbd-9109-4abc-9136-e4ac1ec37f15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPdIFGdooAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382dbcd-6a718efd51051576132dd523;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:38:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z8LtaO2ywz0X9cGNU18a5eyA9jIy6hL9dEaZgcecoggpEelDxiTy7w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:43:12 GMT
age: 32953
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12655 bytes)
Hash
1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: db51cc10-5e13-4d63-a15b-a1c62b159f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNfFvloAMFgqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbef-67ec32d74521865c7f800ac6;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mctLVf0ho2G4skGRA0gpSH5HVoAUeH7YOyY1QA4_abODLKqRIX0eTg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:09:11 GMT
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
age: 6194
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4409 bytes)
Hash
b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz7XEE2IAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 7360
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/js/jquery.js

163.171.128.172

200 OK

93 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/js/jquery.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (65481)
Size
93 kB (92555 bytes)
Hash
3a728460147fb9af7faf0e587b9fbf42
f3a55f44fb81cf8ee908a3872841f70d6548f8c1
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

HTTP Headers

GET /tools/landers/st/007hld/js/jquery.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: application/javascript
content-length: 92555
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-1698b"
accept-ranges: bytes
x-via: 1.1 PS-DFW-014Az146:10 (Cdn Cache Server V2.0), 1.1 kf230:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:18 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65140
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/images/13.jpg

163.171.128.172

200 OK

711 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/images/13.jpg
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1091, components 3\012- data
Size
711 kB (710680 bytes)
Hash
584f099edc42db7a3a3907d0c0209091
dc8b18c6263e4ae10272e73f1fcedec89f544be4
9d1fec413e95f85e919fb8b46cc7c6be1bb24c470a19e5d1e525957bf91e8c36

HTTP Headers

GET /tools/landers/st/007hld/images/13.jpg HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: image/jpeg
content-length: 710680
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-ad818"
accept-ranges: bytes
age: 1
x-via: 1.1 PSmgdfDEN1vd94:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:12 (Cdn Cache Server V2.0), 1.1 CSP-A15498:10 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65148
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/js/ion.sound.min.js

163.171.128.172

200 OK

13 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/js/ion.sound.min.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (535), with CRLF line terminators
Size
13 kB (12860 bytes)
Hash
4cbefb51c1317a7ff5604268e81e04d4
231298580a163aaf0877a863a2de97c7ce54b1ee
880df0583b3ff4a008153ca17cc25fe39a85f51602f0abba543b3ef762c062b0

HTTP Headers

GET /tools/landers/st/007hld/js/ion.sound.min.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: application/javascript
content-length: 12860
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-323c"
accept-ranges: bytes
x-via: 1.1 PS-DFW-014Az146:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:14 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65141
X-Firefox-Spdy: h2

gamesparody.com/common/js/iframeResizer/iframeResizer.min.js

163.171.128.172

200 OK

12 kB

URL HTTP/2
gamesparody.com/common/js/iframeResizer/iframeResizer.min.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (11471)
Size
12 kB (11799 bytes)
Hash
f6fb142b95a0163be52282ef8b1f4b9a
271ffc93a6b6ef177b6418b6c0d1fb28624e9fb5
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

HTTP Headers

GET /common/js/iframeResizer/iframeResizer.min.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:26 GMT
content-type: application/javascript
content-length: 11799
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:04:58 GMT
etag: "613263ca-2e17"
accept-ranges: bytes
x-via: 1.1 PS-DFW-014Az146:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65151
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/js/scripts.js

163.171.128.172

200 OK

2.9 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/js/scripts.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (1611), with CRLF line terminators
Size
2.9 kB (2902 bytes)
Hash
83d7ea0cd7bfa1e9e421e27261d76df2
ce64137a2aae2de6e980506630f2aa0d0739a2e1
d97dfb59526bd9726beb99f7dfbec5630021a25931d0e96103477eec44793e0a

HTTP Headers

GET /tools/landers/st/007hld/js/scripts.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:26 GMT
content-type: application/javascript
content-length: 2902
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-b56"
accept-ranges: bytes
x-via: 1.1 PS-DFW-014Az146:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:5 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:9 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65142
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/images/cute.jpg

163.171.128.172

200 OK

179 kB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/images/cute.jpg
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
179 kB (179221 bytes)
Hash
9a9470eb8e3cb36673e25b952c960c84
42d01e411b600da5480de75b195ec9bafb0effbd
ea77a874908376fd1e72c5a1c027024a561effb637837399802402449d82bfcd

HTTP Headers

GET /tools/landers/st/007hld/images/cute.jpg HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:26 GMT
content-type: image/jpeg
content-length: 179221
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-2bc15"
accept-ranges: bytes
x-via: 1.1 PS-SJC-011UH181:5 (Cdn Cache Server V2.0), 1.1 kf230:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:8 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65146
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bangers/v20/FeVQS0BTqb0h60ACH55Q2A.woff2

142.250.74.35

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/bangers/v20/FeVQS0BTqb0h60ACH55Q2A.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21108, version 1.0\012- data
Size
21 kB (21108 bytes)
Hash
c0adfbbeb720dc8ff213bf9d6d1624f7
1fe31cbccb96cdab9b469a1b862a1c1e56fcf4d0
044fcac1dd67f1ca51feee80bf7dbcfba38fe02d17910e9d249b6ad4efd84956

HTTP Headers

GET /s/bangers/v20/FeVQS0BTqb0h60ACH55Q2A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gamesparody.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:26:03 GMT
expires: Thu, 30 Nov 2023 04:26:03 GMT
cache-control: public, max-age=31536000
age: 69983
last-modified: Tue, 19 Apr 2022 18:46:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gamesparody.com/tools/landers/st/007hld/images/18.gif

163.171.128.172

200 OK

2.7 MB

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/images/18.gif
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 1000 x 563\012- data
Size
2.7 MB (2729947 bytes)
Hash
d450a587a67eccfdceaedfaa22f03354
527065e1ebf7208c8d74a6293141b0305a83decb
d2ddfdd0a7cefdbe80af2ec9805c934cef4b9d30239637242c0fd0f30f0603a6

HTTP Headers

GET /tools/landers/st/007hld/images/18.gif HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: image/gif
content-length: 2729947
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-29a7db"
accept-ranges: bytes
age: 1
x-via: 1.1 PS-DFW-01gGZ147:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65150
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
d9d8d8e95baba6c6d38a260325e88e3b
6987fcda79f5f337206ba343311fb9ce97fcc6ce
3019031a972b997fc1d9dcd24f816ad3bbe2257611fd541388f83d04379c2fa0

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:52:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 20:54:11 GMT
ETag: "6987fcda79f5f337206ba343311fb9ce97fcc6ce"
Last-Modified: Wed, 30 Nov 2022 20:54:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77277f2d09c2b50c-OSL

cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js

151.139.128.10

301 Moved Permanently

0 B

URL HTTP/2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 23:52:26 GMT
accept-ranges: bytes
content-length: 0
location: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
cache-control: max-age=86400
x-hw: 1669852346.cds219.sk1.hn,1669852346.cds239.sk1.c
x-hw-loc: https://cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd.js
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js

151.139.128.10

200 OK

17 kB

URL HTTP/2
cdn.mouseflow.com/projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (61571), with no line terminators
Size
17 kB (17398 bytes)
Hash
f34d6a84bb7ca702d384c682334ab29e
e8170f5af0a99839fb269c13f69f2d3434aa7d5d
d46d30e928b32da051fb433979e5948d59ee62a285b6a916f47e22b8477cadb9

HTTP Headers

GET /projects/157fbd06-71e6-4008-abd1-730b6b612fbd_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesparody.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:26 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17398
content-type: application/javascript; charset=utf-8
last-modified: Sun, 20 Nov 2022 16:01:21 GMT
accept-ranges: bytes
etag: "91475555f9fcd81:0"
server: 
x-hw: 1669852346.cds219.sk1.hn,1669852346.cds235.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/pepp5_celtics1?t=3600

163.171.128.172

404 Not Found

162 B

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/pepp5_celtics1?t=3600
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

HTTP Headers

POST /tools/landers/st/007hld/pepp5_celtics1?t=3600 HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6Ijg1OWY3YTI0YzMwNTEyYjAiLCJ0ciI6IjE4NTc0MzZhMDcxZjY0NTU4ZjY1NWQ2OWEzYzQ5MjAxIiwidGkiOjE2Njk4NTIzNDUxMzF9fQ==
traceparent: 00-1857436a071f64558f655d69a3c49201-859f7a24c30512b0-01
tracestate: 3355250@nr=0-1-3355250-1103078842-859f7a24c30512b0----1669852345131
Content-Type: application/x-www-form-urlencoded;
Content-Length: 1277
Origin: https://gamesparody.com
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c; HOY_TR=TLUEQWYRMBGCFJSA,37859BDAC1E4F026,kqvswbmuhtzfxrjc; HBB_HC=c4a8ff51c5737463885677748cdfa0b92dffe53dcddf083699a3f2c563b762edf37a7a1913dd7d84b530e3fe02cd5797c9; CSH_DF=fGkCP11kqFQdj0irdEnxgz/rQ7sKyM/2Tdh5Uu9E/XH2AAyMpWzIQ/AJ9dc4ma9oJa; CSH_UF=df16c081c25306654a0efb89b8761a08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 30 Nov 2022 23:52:26 GMT
content-type: text/html
content-length: 162
server: waf/4.32.3-0.el6
x-via: 1.1 PS-SJC-011UH181:3 (Cdn Cache Server V2.0), 1.1 CSP-A15498:13 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecba_CSP-A15498_25948-65176
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/images/jump-favicon.ico

163.171.128.172

404 Not Found

162 B

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/images/jump-favicon.ico
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

HTTP Headers

GET /tools/landers/st/007hld/images/jump-favicon.ico HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c; HOY_TR=TLUEQWYRMBGCFJSA,37859BDAC1E4F026,kqvswbmuhtzfxrjc; HBB_HC=c4a8ff51c5737463885677748cdfa0b92dffe53dcddf083699a3f2c563b762edf37a7a1913dd7d84b530e3fe02cd5797c9; CSH_DF=fGkCP11kqFQdj0irdEnxgz/rQ7sKyM/2Tdh5Uu9E/XH2AAyMpWzIQ/AJ9dc4ma9oJa; CSH_UF=df16c081c25306654a0efb89b8761a08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 30 Nov 2022 23:52:27 GMT
content-type: text/html
content-length: 162
server: waf/4.32.3-0.el6
x-via: 1.1 PS-SJC-011UH181:7 (Cdn Cache Server V2.0), 1.1 kf230:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:5 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecba_CSP-A15498_25948-65194
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8832bb2e51c5b9ffdd1535af9409d8dc
64b24b4194bdd0cf9b80ad4fabe3ac98ad572126
270cdf2ffabffd17fbe3ed273a7f4a12a481f930a293f04f52ae94296f707bf0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "270CDF2FFABFFD17FBE3ED273A7F4A12A481F930A293F04F52AE94296F707BF0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2620
Expires: Thu, 01 Dec 2022 00:36:07 GMT
Date: Wed, 30 Nov 2022 23:52:27 GMT
Connection: keep-alive

rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717

207.120.33.34

200 OK

31 kB

URL HTTP/2
rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32010)
Size
31 kB (30963 bytes)
Hash
ce9c15233366135d7e8360a3c2ffed1e
0e8e512e902e2cf2f6687fe0a7e65f11d00265f3
e6f457fc139f892575b0c4750bf9456128a3b8ed90015197745716b01dc24dae

HTTP Headers

GET /user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717 HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gamesparody.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 28111469
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 0a97c29eb506a42427baacbdbc180ac1
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js

152.199.19.160

200 OK

12 kB

URL HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
IP
152.199.19.160:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (32405)
Size
12 kB (12247 bytes)
Hash
29aaadd88feae1cc97337661a34bb99f
bf5c684d3c1dbeb119557404136ba91ae45d07b5
d4af778947d9005af87a62b411f328d3512edc6f9594ee46f0a34a57e6ef3c95

HTTP Headers

GET /ajax/bootstrap/3.3.2/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfrgrtr.com
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 29204758
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 30 Nov 2022 23:52:28 GMT
etag: "194598e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:58 GMT
server: ECAcc (ska/F68B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12247
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfrgrtr.com
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:09:21 GMT
expires: Wed, 29 Nov 2023 11:09:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 132187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-208173773-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-208173773-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43582 bytes)
Hash
398a4cffd402167a3158c42e92c2f9bc
1c1056149edb59ce593de0b502b7873af01d223c
63d11decde32bc6a6fef6470a2abe248b65be526e7d82f11c855ea23bad78741

HTTP Headers

GET /gtag/js?id=UA-208173773-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 23:52:28 GMT
expires: Wed, 30 Nov 2022 23:52:28 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 22:37:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb

207.120.33.34

200 OK

48 kB

URL HTTP/2
rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31139)
Size
48 kB (48342 bytes)
Hash
0a6be0184bc4aefbfa4e01b1921e0603
4504cbc5724bd1c558df37bbb29c86ae97ff3adf
71fb27d60bd2bac3357be5a75e643f7435a951add826ebf565e167fea57d979b

HTTP Headers

GET /user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 27548736
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: c1b0ebf0de4937996c6c617820fa694c
X-Firefox-Spdy: h2

rfrgrtr.com/common_tpls/images/ajax-loader.gif

207.120.33.34

200 OK

3.2 kB

URL HTTP/2
rfrgrtr.com/common_tpls/images/ajax-loader.gif
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type
GIF image data, version 89a, 32 x 32\012- data
Size
3.2 kB (3208 bytes)
Hash
be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

HTTP Headers

GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 434a8bfc6b0ad2d71d90012ea1e8af86
x-varnish: 27548741 26572739
age: 13896
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: a9498c4598d5e8ee80f6f1b399f40f17
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RUDFtVTVgPAlwZGBMMEw%3D%3D&rst=4672&ck=1&ref=https://gamesparody.com/tools/landers/st/007hld/&ap=15&be=2209&fe=4611&dc=3025&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852341936,%22n%22:0,%22f%22:1670,%22dn%22:1673,%22dne%22:1674,%22c%22:1675,%22s%22:1704,%22ce%22:2152,%22rq%22:2153,%22rp%22:2181,%22rpe%22:2185,%22dl%22:2187,%22di%22:3006,%22ds%22:3025,%22de%22:3037,%22dc%22:4609,%22l%22:4610,%22le%22:4611%7D,%22navigation%22:%7B%7D%7D&fcp=3008&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RUDFtVTVgPAlwZGBMMEw%3D%3D&rst=4672&ck=1&ref=https://gamesparody.com/tools/landers/st/007hld/&ap=15&be=2209&fe=4611&dc=3025&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852341936,%22n%22:0,%22f%22:1670,%22dn%22:1673,%22dne%22:1674,%22c%22:1675,%22s%22:1704,%22ce%22:2152,%22rq%22:2153,%22rp%22:2181,%22rpe%22:2185,%22dl%22:2187,%22di%22:3006,%22ds%22:3025,%22de%22:3037,%22dc%22:4609,%22l%22:4610,%22le%22:4611%7D,%22navigation%22:%7B%7D%7D&fcp=3008&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RUDFtVTVgPAlwZGBMMEw%3D%3D&rst=4672&ck=1&ref=https://gamesparody.com/tools/landers/st/007hld/&ap=15&be=2209&fe=4611&dc=3025&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852341936,%22n%22:0,%22f%22:1670,%22dn%22:1673,%22dne%22:1674,%22c%22:1675,%22s%22:1704,%22ce%22:2152,%22rq%22:2153,%22rp%22:2181,%22rpe%22:2185,%22dl%22:2187,%22di%22:3006,%22ds%22:3025,%22de%22:3037,%22dc%22:4609,%22l%22:4610,%22le%22:4611%7D,%22navigation%22:%7B%7D%7D&fcp=3008&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:52:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77277f369f41b4ff-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6489f47f65503c83; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 22:46:55 GMT
expires: Thu, 01 Dec 2022 00:46:55 GMT
cache-control: public, max-age=7200
age: 3933
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rfrgrtr.com/user/trk/?rtid=01150675717

207.120.33.34

200 OK

521 B

URL HTTP/2
rfrgrtr.com/user/trk/?rtid=01150675717
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type
gzip compressed data, max compression\012- data
Size
521 B (521 bytes)
Hash
8493ab0dc2dc324bc553b5c9cafee0ff
4f77b4f567a081675c563a28c5479456efb7914c
f1c07d612f697eb312df183c747816d56826a31678c2170cf059721418ff1c8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /user/trk/?rtid=01150675717 HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjA0ODBhMGI5ZmZkMTQzYmEiLCJ0ciI6IjA3ZWM3ZjA5N2FhNGJlNWU0YWY5NjQ3N2M0YjRkNjE4IiwidGkiOjE2Njk4NTIzNDc0NDF9fQ==
traceparent: 00-07ec7f097aa4be5e4af96477c4b4d618-0480a0b9ffd143ba-01
tracestate: 3355250@nr=0-1-3355250-1103078842-0480a0b9ffd143ba----1669852347441
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 28093474
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 2e3474947dc53aa7d83a8e90a372f3d3
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1131&ck=1&ref=https://rfrgrtr.com/user/&ap=187&be=572&fe=1078&dc=854&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852346549,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:14,%22rp%22:455,%22rpe%22:455,%22dl%22:459,%22di%22:851,%22ds%22:854,%22de%22:858,%22dc%22:1077,%22l%22:1077,%22le%22:1079%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1131&ck=1&ref=https://rfrgrtr.com/user/&ap=187&be=572&fe=1078&dc=854&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852346549,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:14,%22rp%22:455,%22rpe%22:455,%22dl%22:459,%22di%22:851,%22ds%22:854,%22de%22:858,%22dc%22:1077,%22l%22:1077,%22le%22:1079%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1131&ck=1&ref=https://rfrgrtr.com/user/&ap=187&be=572&fe=1078&dc=854&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669852346549,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:14,%22rp%22:455,%22rpe%22:455,%22dl%22:459,%22di%22:851,%22ds%22:854,%22de%22:858,%22dc%22:1077,%22l%22:1077,%22le%22:1079%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:52:29 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77277f3d3d711c0e-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=259e673fca68c6f8; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1317&ck=1&ref=https://rfrgrtr.com/user/

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1317&ck=1&ref=https://rfrgrtr.com/user/
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1317&ck=1&ref=https://rfrgrtr.com/user/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 285
Origin: https://rfrgrtr.com
Connection: keep-alive
Referer: https://rfrgrtr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:52:29 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 77277f3e5e151c0e-OSL
Access-Control-Allow-Origin: https://rfrgrtr.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

rfrgrtr.com/common_tpls/js/iframeResizer.contentWindow.min.js

207.120.33.34

200 OK

5.0 kB

URL HTTP/2
rfrgrtr.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type
data
Size
5.0 kB (5029 bytes)
Hash
1ad0794619bdfdcc56f6bc5377e77fa4
7c9117b9c763dd8d849f25d4fa7d8066f883e710
e09058b4ff5e954bdbbe07d81c21226a00a3d7249a03e3d839714e7039bec42f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 57f345e2caa8037402c4190a1e7f1efa
x-varnish: 27817151 27665783
age: 13896
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: b01cfdec658c3abefd338b41baace11d
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/css/main.css

163.171.128.172

200 OK

0 B

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/css/main.css
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tools/landers/st/007hld/css/main.css HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: text/css
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: W/"61326455-526f"
content-encoding: gzip
age: 1
x-via: 1.1 PS-DFW-01gGZ147:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:17 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65139
X-Firefox-Spdy: h2

gamesparody.com/_bot_sbu/sbu_fpcm.js

163.171.128.172

200 OK

0 B

URL HTTP/2
gamesparody.com/_bot_sbu/sbu_fpcm.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_bot_sbu/sbu_fpcm.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: text/javascript
cache-control: no-store
X-Firefox-Spdy: h2

gamesparody.com/_bot_sbu/sbu_fpc.js

163.171.128.172

200 OK

0 B

URL HTTP/2
gamesparody.com/_bot_sbu/sbu_fpc.js
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_bot_sbu/sbu_fpc.js HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: text/javascript
cache-control: no-store
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/video/cute.mp4

163.171.128.172

206 Partial Content

0 B

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/video/cute.mp4
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tools/landers/st/007hld/video/cute.mp4 HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
Cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c; HOY_TR=TLUEQWYRMBGCFJSA,37859BDAC1E4F026,kqvswbmuhtzfxrjc; HBB_HC=c4a8ff51c5737463885677748cdfa0b92dffe53dcddf083699a3f2c563b762edf37a7a1913dd7d84b530e3fe02cd5797c9
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 30 Nov 2022 23:52:26 GMT
content-type: video/mp4
content-length: 13700177
server: waf/4.32.3-0.el6
last-modified: Fri, 03 Sep 2021 18:07:17 GMT
etag: "61326455-d10c51"
accept-ranges: bytes
content-range: bytes 0-13700176/13700177
x-via: 1.1 PS-SJC-011UH181:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:7 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:14 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecba_CSP-A15498_25948-65173
X-Firefox-Spdy: h2

bbrcomp.joinsafelyonline.com/routes/bbrcomp/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f

163.171.128.172

302 Found

0 B

URL HTTP/2
bbrcomp.joinsafelyonline.com/routes/bbrcomp/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /routes/bbrcomp/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f HTTP/1.1
Host: bbrcomp.joinsafelyonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gamesparody.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 30 Nov 2022 23:52:27 GMT
content-type: text/html; charset=UTF-8
server: waf/4.32.3-0.el6
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://rfrgrtr.com/user/?ofid=166&g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f&sitekey=07ffecf830cfd29e&rtr=1&rtid=01150675717
x-via: 1.1 PS-SJC-011UH181:5 (Cdn Cache Server V2.0), 1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:12 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecba_CSP-A15498_27036-62355
set-cookie: PHPSESSID=fd0a903a3376ad22c48cfe5d51e5b57f; path=/; secure; SameSite=None
HMF_CI=990d375f1b01569edbf83b3bb16a618edb5993706ca31413a4ad451e84567935c3d9cfde61b571a22ee3d95b62dd1e7c34ef29b2627ae6ec8ddc14c212557a14ce; Expires=Fri, 30-Dec-22 23:52:27 GMT; Path=/
X-Firefox-Spdy: h2

rfrgrtr.com/common_tpls/js/validate_form_v2.js?jsv=29

207.120.33.34

200 OK

0 B

URL HTTP/2
rfrgrtr.com/common_tpls/js/validate_form_v2.js?jsv=29
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/js/validate_form_v2.js?jsv=29 HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: d73718c1802e19d9a934cf12b2b46bb1
x-varnish: 27817150 25360145
age: 13897
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 71545abd13f09b204c9e1ce861ff0344
X-Firefox-Spdy: h2

rfrgrtr.com/common_tpls/js/form_support.js?v=1516308712

207.120.33.34

200 OK

0 B

URL HTTP/2
rfrgrtr.com/common_tpls/js/form_support.js?v=1516308712
IP
207.120.33.34:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: rfrgrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rfrgrtr.com/user/?SID=e1922cdf628e91c807cfa6c53e7bb8fb
Cookie: PHPSESSID=e1922cdf628e91c807cfa6c53e7bb8fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 0b0f66a59a49eee262dcbbb92114d807
x-varnish: 27548740 26702343
age: 13896
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2b9b4dbc66dcb29884a685352dedf0b5
X-Firefox-Spdy: h2

gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f

163.171.128.172

200 OK

0 B

URL HTTP/2
gamesparody.com/tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f
IP
163.171.128.172:0
ASN
#54994 QUANTILNETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tools/landers/st/007hld/?g=cute&r=ff0000&a_aid=bbrcomp&a_bid=273b2d3f HTTP/1.1
Host: gamesparody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:52:25 GMT
content-type: text/html; charset=UTF-8
server: waf/4.32.3-0.el6
age: 329
x-via: 1.1 PS-DFW-01gGZ147:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:8 (Cdn Cache Server V2.0), 1.1 PS-FRA-01lai110:22 (Cdn Cache Server V2.0)
x-ws-request-id: 6387ecb9_CSP-A15498_25948-65137
cache-control: no-store
set-cookie: HMF_CI=5ccaeb865f29b1bb54b5dfecec62b3e1b90eb0bbe8f0eafa33babd2c6d2f4436af3293aada1f50af179a619e5cb601f01a9c37a419fc1625cd278b95f36257bd1c; Expires=Fri, 30-Dec-22 23:52:25 GMT; Path=/
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations